summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--program/lib/Roundcube/rcube_contacts.php8
-rw-r--r--program/lib/Roundcube/rcube_spellchecker.php8
-rw-r--r--program/lib/Roundcube/rcube_user.php26
3 files changed, 21 insertions, 21 deletions
diff --git a/program/lib/Roundcube/rcube_contacts.php b/program/lib/Roundcube/rcube_contacts.php
index 5c9e5ab39..2e03352bf 100644
--- a/program/lib/Roundcube/rcube_contacts.php
+++ b/program/lib/Roundcube/rcube_contacts.php
@@ -350,7 +350,7 @@ class rcube_contacts extends rcube_addressbook
if (in_array($col, $this->table_cols)) {
switch ($mode) {
case 1: // strict
- $where[] = '(' . $this->db->quoteIdentifier($col) . ' = ' . $this->db->quote($val)
+ $where[] = '(' . $this->db->quote_identifier($col) . ' = ' . $this->db->quote($val)
. ' OR ' . $this->db->ilike($col, $val . $AS . '%')
. ' OR ' . $this->db->ilike($col, '%' . $AS . $val . $AS . '%')
. ' OR ' . $this->db->ilike($col, '%' . $AS . $val) . ')';
@@ -390,7 +390,7 @@ class rcube_contacts extends rcube_addressbook
}
foreach (array_intersect($required, $this->table_cols) as $col) {
- $and_where[] = $this->db->quoteIdentifier($col).' <> '.$this->db->quote('');
+ $and_where[] = $this->db->quote_identifier($col).' <> '.$this->db->quote('');
}
if (!empty($where)) {
@@ -630,7 +630,7 @@ class rcube_contacts extends rcube_addressbook
$a_insert_cols = $a_insert_values = array();
foreach ($save_data as $col => $value) {
- $a_insert_cols[] = $this->db->quoteIdentifier($col);
+ $a_insert_cols[] = $this->db->quote_identifier($col);
$a_insert_values[] = $this->db->quote($value);
}
@@ -665,7 +665,7 @@ class rcube_contacts extends rcube_addressbook
$save_cols = $this->convert_save_data($save_cols, $record);
foreach ($save_cols as $col => $value) {
- $write_sql[] = sprintf("%s=%s", $this->db->quoteIdentifier($col), $this->db->quote($value));
+ $write_sql[] = sprintf("%s=%s", $this->db->quote_identifier($col), $this->db->quote($value));
}
if (!empty($write_sql)) {
diff --git a/program/lib/Roundcube/rcube_spellchecker.php b/program/lib/Roundcube/rcube_spellchecker.php
index 3182ff378..5b77bda02 100644
--- a/program/lib/Roundcube/rcube_spellchecker.php
+++ b/program/lib/Roundcube/rcube_spellchecker.php
@@ -352,7 +352,7 @@ class rcube_spellchecker
"UPDATE ".$this->rc->db->table_name('dictionary')
." SET data = ?"
." WHERE user_id " . ($plugin['userid'] ? "= ".$this->rc->db->quote($plugin['userid']) : "IS NULL")
- ." AND " . $this->rc->db->quoteIdentifier('language') . " = ?",
+ ." AND " . $this->rc->db->quote_identifier('language') . " = ?",
implode(' ', $plugin['dictionary']), $plugin['language']);
}
// don't store empty dict
@@ -360,14 +360,14 @@ class rcube_spellchecker
$this->rc->db->query(
"DELETE FROM " . $this->rc->db->table_name('dictionary')
." WHERE user_id " . ($plugin['userid'] ? "= ".$this->rc->db->quote($plugin['userid']) : "IS NULL")
- ." AND " . $this->rc->db->quoteIdentifier('language') . " = ?",
+ ." AND " . $this->rc->db->quote_identifier('language') . " = ?",
$plugin['language']);
}
}
else if (!empty($this->dict)) {
$this->rc->db->query(
"INSERT INTO " .$this->rc->db->table_name('dictionary')
- ." (user_id, " . $this->rc->db->quoteIdentifier('language') . ", data) VALUES (?, ?, ?)",
+ ." (user_id, " . $this->rc->db->quote_identifier('language') . ", data) VALUES (?, ?, ?)",
$plugin['userid'], $plugin['language'], implode(' ', $plugin['dictionary']));
}
}
@@ -394,7 +394,7 @@ class rcube_spellchecker
$sql_result = $this->rc->db->query(
"SELECT data FROM ".$this->rc->db->table_name('dictionary')
." WHERE user_id ". ($plugin['userid'] ? "= ".$this->rc->db->quote($plugin['userid']) : "IS NULL")
- ." AND " . $this->rc->db->quoteIdentifier('language') . " = ?",
+ ." AND " . $this->rc->db->quote_identifier('language') . " = ?",
$plugin['language']);
if ($sql_arr = $this->rc->db->fetch_assoc($sql_result)) {
diff --git a/program/lib/Roundcube/rcube_user.php b/program/lib/Roundcube/rcube_user.php
index 3e4be0ab9..1d5a90577 100644
--- a/program/lib/Roundcube/rcube_user.php
+++ b/program/lib/Roundcube/rcube_user.php
@@ -265,7 +265,7 @@ class rcube_user
"SELECT * FROM ".$this->db->table_name('identities').
" WHERE del <> 1 AND user_id = ?".
($sql_add ? " ".$sql_add : "").
- " ORDER BY ".$this->db->quoteIdentifier('standard')." DESC, name ASC, identity_id ASC",
+ " ORDER BY ".$this->db->quote_identifier('standard')." DESC, name ASC, identity_id ASC",
$this->ID);
while ($sql_arr = $this->db->fetch_assoc($sql_result)) {
@@ -300,7 +300,7 @@ class rcube_user
$query_cols = $query_params = array();
foreach ((array)$data as $col => $value) {
- $query_cols[] = $this->db->quoteIdentifier($col) . ' = ?';
+ $query_cols[] = $this->db->quote_identifier($col) . ' = ?';
$query_params[] = $value;
}
$query_params[] = $iid;
@@ -336,7 +336,7 @@ class rcube_user
$insert_cols = $insert_values = array();
foreach ((array)$data as $col => $value) {
- $insert_cols[] = $this->db->quoteIdentifier($col);
+ $insert_cols[] = $this->db->quote_identifier($col);
$insert_values[] = $value;
}
$insert_cols[] = 'user_id';
@@ -401,7 +401,7 @@ class rcube_user
if ($this->ID && $iid) {
$this->db->query(
"UPDATE ".$this->db->table_name('identities').
- " SET ".$this->db->quoteIdentifier('standard')." = '0'".
+ " SET ".$this->db->quote_identifier('standard')." = '0'".
" WHERE user_id = ?".
" AND identity_id <> ?".
" AND del <> 1",
@@ -641,11 +641,11 @@ class rcube_user
$result = array();
$sql_result = $this->db->query(
- "SELECT search_id AS id, ".$this->db->quoteIdentifier('name')
+ "SELECT search_id AS id, ".$this->db->quote_identifier('name')
." FROM ".$this->db->table_name('searches')
." WHERE user_id = ?"
- ." AND ".$this->db->quoteIdentifier('type')." = ?"
- ." ORDER BY ".$this->db->quoteIdentifier('name'),
+ ." AND ".$this->db->quote_identifier('type')." = ?"
+ ." ORDER BY ".$this->db->quote_identifier('name'),
(int) $this->ID, (int) $type);
while ($sql_arr = $this->db->fetch_assoc($sql_result)) {
@@ -673,9 +673,9 @@ class rcube_user
}
$sql_result = $this->db->query(
- "SELECT ".$this->db->quoteIdentifier('name')
- .", ".$this->db->quoteIdentifier('data')
- .", ".$this->db->quoteIdentifier('type')
+ "SELECT ".$this->db->quote_identifier('name')
+ .", ".$this->db->quote_identifier('data')
+ .", ".$this->db->quote_identifier('type')
." FROM ".$this->db->table_name('searches')
." WHERE user_id = ?"
." AND search_id = ?",
@@ -730,11 +730,11 @@ class rcube_user
$insert_cols[] = 'user_id';
$insert_values[] = (int) $this->ID;
- $insert_cols[] = $this->db->quoteIdentifier('type');
+ $insert_cols[] = $this->db->quote_identifier('type');
$insert_values[] = (int) $data['type'];
- $insert_cols[] = $this->db->quoteIdentifier('name');
+ $insert_cols[] = $this->db->quote_identifier('name');
$insert_values[] = $data['name'];
- $insert_cols[] = $this->db->quoteIdentifier('data');
+ $insert_cols[] = $this->db->quote_identifier('data');
$insert_values[] = serialize($data['data']);
$sql = "INSERT INTO ".$this->db->table_name('searches')